vSphere with Tanzu integrates with several third-party services that use the vSAN Data Persistence platform for their persistent storage needs. As a vSphere administrator, enable the services on vCenter Server.

Starting with the vSphere with Tanzu 7.0 Update 3 release, you can download available third-party services from a VMware supported repository.

When you enable the stateful service, you first register the service with vCenter Server using the downloaded YAML file that describes the service. You then install the service on Supervisor Clusters so that your DevOps engineers can use the service in Kubernetes workloads.


  • Required privilege: Supervisor Services.Manage Supervisor Services
  • Make sure that your Supervisor Cluster uses the NSX networking stack. vSAN Data Persistence platform does not support vSphere Distributed Switch (vDS) networking.

    For information on setting up NSX-T, see Configuring NSX for vSphere with Tanzu.

  • Download a partner service YAML file from the repository maintained by VMware.

    When you download the service YAML files, make sure to use correct service version compatible with your version of vSphere.

    If you installed earlier versions of partner services, MinIO and Cloudian Hyperstore, upgrade them to compatible versions after upgrading vSphere to version 7.0 Update 3. The newer versions of partner operators fix certain issues and use new platform features. For more information, see the partner documentation.
    Table 1. Compatibility Matrix for vSphere and Partner Services
    vSphere Version Partner Service Service Version Kubernetes Version
    vSphere 7.0 Update 3 MinIO 2.0.0 1.19, 1.20, 1.21
    Cloudian 1.2.0 1.19, 1.20, 1.21
    Use one of the following methods to download the YAML file:
    • In the https://vmwaresaas.jfrog.io/ repository, navigate to an appropriate partner folder in Artifacts > vDPP-Partner-YAML and select a YAML file to download.

      The latest version of the partner YAML is located in the top level partner directory.

    • Use the wget or curl commands to download the YAML files.
      For example:
      wget https://vmwaresaas.jfrog.io/artifactory/vDPP-Partner-YAML/Cloudian/Hyperstore/SupervisorService/hyperstore-supervisorservice.yaml


  1. Configure vSAN or vSAN Direct storage.
    For information on setting up vSAN storage, see the Administering VMware vSAN. To set up vSAN Direct, see Set Up vSAN Direct for vSphere with Tanzu.

    vSAN Direct datastores appear in Kubernetes as StoragePools.

  2. Add a stateful service to the vCenter Server system.
    Use the partner service YAML file that you downloaded from the repository maintained by VMware.
  3. Install the service on Supervisor Clusters.
    After you enable the service, the vSAN Data Persistence platform performs the following actions to create necessary resources for the service:
    • Creates a namespace for this service in the supervisor cluster.
    • Creates default storage policies and corresponding storage classes to be used with vSAN Shared-Nothing-Architecture (SNA) and vSAN Direct datastores.
      Note: The vSAN Data Persistence platform automatically creates vsan-direct and vsan-sna storage classes in the namespace after the vSphere administrator enables the stateful service. Only applications that run on the Supervisor Cluster can use the vsan-direct and vsan-sna storage classes. These storage classes cannot be used inside a Tanzu Kubernetes cluster.

      In vSphere 7.0 Update 2 and later, the vSAN Direct storage policy is capability-based. If you created tag-based policies in vSphere 7.0 Update 1, they are automatically converted to capability-based after an upgrade to vSphere 7.0 Update 2 and later.

      If you want to create new storage policies and assign them to the service namespace instead of the default, see Create vSAN Direct Storage Policy and Create vSAN SNA Storage Policy.

    • Creates DevOps roles, including the roles with edit and view permissions.

      When the service operator is deployed, its custom CRDs are installed in the Supervisor Cluster. Users with the edit permission can CRUD resources of these CRDs in the namespace. Users with the view permission can only view resources of this CRD.

    • If the third party has provided a custom UI plugin, it appears in the vSphere Client. The vSphere administrator can use the plugin to manage the service.
  4. Select the namespace created for the service and click the Summary tab to verify that all appropriate resources for the service have been created.
    The Summary page shows storage policies assigned to the namespace, the vSphere Pods running on the namespace, and so on.

What to do next

  • The DevOps engineer uses the kubectl command to access the service namespace and uses the third-party CRDs to deploy instances of the third-party application service. For more information, see the third-party documentation.

    To verify that the namespace you use for stateful services has appropriate storage classes, see Check Storage Policies Available for Stateful Services.

  • If the third party has provided a custom UI plugin, the vSphere administrator can use the plugin to manage and monitor the service.

    For more information, see the third-party UI plugin documentation. In addition, the vSphere administrator can use the Skyline Health checks to monitor the services. See Monitor Stateful Services in vSphere with Tanzu